TCP

Transmission Control Protocol (TCP) A connection-oriented transport protocol. Connection-oriented transport protocols provide reliable transport, in that if a segment is dropped, the sender can detect that drop and retransmit that dropped
segment. Specifically, a receiver acknowledges segments that it receives. Based on those acknowledgments, a sender can determine which segments were successfully
received.

UDP

User Datagram Protocol A connectionless transport protocol. Connectionless transport protocols provide unreliable transport, in that if a segment is dropped, the sender is unaware of the drop, and no retransmission occurs.

FTP

File Transfer Protocol (FTP)

Works at the Application layer

FTP provides for the uploading and downloading of files from a remote host running FTP server software. As well as uploading and downloading files, FTP enables you to view the contents of folders on an FTP server and rename and delete files and directories if you have the necessary permissions.

One of the big problems associated with FTP is that it is considered insecure. Even though simple authentication methods are associated with FTP, it is still susceptible to relatively simple hacking approaches. In addition, FTP transmits data between sender and receiver in an unencrypted format.

SFTP

Secure File Transfer Protocol

A protocol that transfers files between clients securly,Based on Secure Shell (SSH) technology, provides robust authentication between sender and receiver. It also provides encryption capabilities, which means that even if packets are copied from the network, their contents remain hidden
from prying eyes.

TFTP

Trivial File Transfer Protocol

A variation on FTP is TFTP, which is also a file transfer mechanism. However, TFTP does not have the security capability or the level of functionality that FTP has. TFTP, is most often associated with simple downloads, such as those associated with transferring firmware to a device such as a router and booting diskless workstations.

Another feature that TFTP does not offer is directory navigation.

TFTP is an application layer protocol that uses UDP, which is a connectionless transport layer protocol. For this reason, TFTP is called a connectionless file transfer method.

SMTP

Simple Mail Transfer Protocol

SMTP is a protocol that defines how mail messages
are sent between hosts. SMTP uses TCP connections to guarantee error-free delivery of messages. SMTP is not overly sophisticated and requires that the destination host always be available.

SMTP can be used to both send and receive mail. Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 (IMAP4) can be used only to receive mail.

HTTP

Hypertext Transfer Protocol

HTTP, is the protocol that enables text, graphics, multimedia, and other material to be downloaded from an HTTP server. HTTP defines what actions can be requested by clients and how servers should answer those requests.

HTTP is a connection-oriented protocol that uses TCP as a transport protocol.

HTTPS

Hypertext Transfer Protocol Secure

One of the downsides of using HTTP is that HTTP requests are sent in clear text. For some applications, such as e-commerce, this method to exchange information is unsuitable—a more secure method is needed. The solution is
HTTPS, which uses a system known as Secure Socket Layer (SSL), which encrypts the information sent between the client and host.

POP3

Post Office Protocol Version 3

A mechanisms for downloading, or pulling, email from a server. They are necessary because although the mail is transported around the network via SMTP, users cannot always immediately read it, so it must be stored in a central location. From this location, it needs to be downloaded
or retrieved, which is what POP3 enable you to do.

One of the problems with POP3 is that the password used to access a mailbox is transmitted across the network in clear text. This means that if people want to, they could determine your POP3 password with relative ease.

IMAP4

Internet Message Access Protocol Version 4

A mechanisms for downloading, or pulling, email from a server. They are necessary because although the mail is transported around the network via SMTP, users cannot always immediately read it, so it must be stored in a central location. From this location, it needs to be downloaded
or retrieved, which is what IMAP4 enable you to do.

IMAP4 offers an advantage over POP3. It uses a more sophisticated authentication system, which makes it more difficult for people to determine a password.

Telnet

Telnet is a virtual terminal protocol. It enables sessions to be opened on a remote host, and then commands can be executed on that remote host. For many years, Telnet was the method by which clients accessed multiuser systems such as mainframes and minicomputers. It also was the connection method of choice for UNIX systems. Today, Telnet is still
commonly used to access routers and other managed network devices.

One of the problems with Telnet is that it is not secure. As a result, remote session functionality is now almost always achieved by using alternatives such as SSH.

SSH

Secure Shell (SSH) is a secure alternative to Telnet. SSH provides security by encrypting data as it travels between systems. This makes it difficult for hackers using
packet sniffers and other traffic-detection systems. It also provides more robust authentication systems than Telnet.

Two versions of SSH are available: SSH1 and SSH2. Of the two, SSH2 is considered more secure. The two versions are incompatible. If you use an SSH client program, the server implementation of SSH that you connect to must be the same version. Although SSH, like Telnet, is associated primarily with UNIX and Linux systems, implementations of SSH are available for all commonly used computing platforms, including Windows and Macintosh. As discussed earlier, SSH is the foundational technology for Secure File Transfer Protocol (SFTP).

(ICMP)

ICMP Is a protocol that works with the IP layer to provide error checking and reporting functionality. In effect, ICMP is a tool that IP uses in its quest to provide best-effort delivery.

ICMP can be used for a number of functions. Its most common function is probably the widely used and incredibly useful ping utility, which can send a stream of ICMP echo requests to a remote host.

ICMP also can return error messages such as Destination unreachable and Time exceeded. (The former message is reported when a destination cannot be contacted and the latter when the Time To Live [TTL] of a datagram has been exceeded.)

ICMP performs source quench. In a source quench scenario, the receiving host cannot handle the influx of data at the same rate as the data is sent. To slow down the sending host, the receiving host sends ICMP source quench messages, telling the sender to slow down. This action prevents packets from dropping and having to be re-sent.

ARP

Address Resolution Protocol (ARP)

ARP, is responsible for resolving IP addresses to Media Access Control (MAC) addresses. When a system attempts to contact another host, IP first determines whether the other host is on the same network it is on by looking at the IP address. If IP determines that the destination is on the local network, it consults the ARP cache to see whether it has a
corresponding entry. The ARP cache is a table on the local system that stores mappings between data link layer addresses (the MAC address or physical address) and network layer addresses (IP addresses).

RARP

Reverse Address Resolution Protocol (RARP)

Performs the same function as ARP, but in reverse. In other words, it resolves MAC addresses to IP addresses.
RARP makes it possible for applications or systems to learn their own IP address from a router or Domain Name Service (DNS) server. Such a resolution is useful for tasks such as performing reverse lookups in DNS.

NTP

Network Time Protocol

NTP is the part of the TCP/IP protocol suite that facilitates the communication of time between systems. The idea is that
one system configured as a time provider transmits time information to other systems that can be both time receivers and time providers for other systems.

NNTP

Network News Transfer Protocol

Is a protocol associated with posting and retrieving messages to and from newsgroups. A newsgroup is a discussion
forum hosted on a remote system. By using NNTP client software, like that included with many common email clients, users can post, reply to, and retrieve messages.
Although web-based discussion forums are slowly replacing newsgroups, demand for newsgroup access remains high.

The distinction between webbased discussion forums and NNTP newsgroups is that messages are retrieved
from the server to be read. In contrast, on a web-based discussion forum, the messages are not downloaded. They are simply viewed from a remote location.

SCP

Secure Copy Protocol

Secure Copy Protocol (SCP) is another protocol based on SSH technology. SCP provides a secure means to copy files between systems on a network. By using SSH technology, it encrypts data as it travels across the network, thereby
securing it from eavesdropping. It is intended as a more secure substitute for Remote Copy Protocol (RCP). SCP is available as a command-line utility, or as part of application software for most commonly used computing platforms.

LDAP

Lightweight Directory Access Protocol

Lightweight Directory Access Protocol (LDAP) is a protocol that provides a mechanism to access and query directory services systems. In the context of the Network+ exam, these directory services systems are most likely to be Novell
Directory Services (NDS) and Microsoft's Active Directory. Although LDAP supports command-line queries executed directly against the directory database, most LDAP interactions are via utilities such as an authentication program
(network logon) or locating a resource in the directory through a search utility.

IGMP

Internet Group Management Protocol

The protocol within the TCP/IP protocol suite that manages multicast groups. It enables, for example, one computer on the Internet to target content to a specific group of computers
that will receive content from the sending system.

IGMP is used to register devices into a multicast group, as well as to discover what other devices on the network are members of the same multicast group. Common applications for multicasting include groups of routers on an internetwork
and videoconferencing clients.

TLS

Transport Layer Security

A security protocol designed to ensure privacy between communicating client/server applications. When a server and client communicate, TLS ensures that no one can eavesdrop and intercept or otherwise tamper with the data message. TLS is the successor to SSL.

TLS record protocol: Uses a reliable transport protocol such as TCP and ensures that the connection made between systems is private using data encryption.

TLS handshake protocol: Used for authentication between the client and server.

SIP

Session Initiation Protocol

An application layer protocol designed to establish and maintain multimedia sessions, such as Internet telephony calls. This means that SIP can create communication sessions for such features as audio/videoconferencing, online gaming, and person-to-person conversations over the Internet. SIP does not operate alone; it uses TCP or UDP as a transport protocol.

RTP

The Real-time Transport Protocol

is the Internet-standard protocol for the transport of real-time data, including audio and video. RTP can use either TCP or UDP as a transport mechanism. However, UDP is used more
often because applications using RTP are less sensitive to packet loss but typically are sensitive to delays. UDP, then, is a faster protocol because packet delivery is not guaranteed. RTP is often used with VoIP. VoIP data packets live in RTP packets, which are inside UDP-IP packets.

The data part supports applications with real-time properties such as continuous media (such as audio and video), including timing reconstruction, loss detection, security, and content identification.

The control part (RTCP) supports real-time conferencing of groups of any size within an internet.

DHCP

Dynamic Host Configuration Protocol (DHCP),
enables ranges of IP addresses, known as scopes, to be defined on a system running a DHCP server application. When another system configured as a DHCP client is initialized, it asks the server for an address. If all things are as
they should be, the server assigns an address from the scope to the client for a predetermined amount of time, known as the lease.

In addition to an IP address and the subnet mask, the DHCP server can supply many other pieces of information; although, exactly what can be provided depends on the DHCP server implementation. In addition to the address information, the default gateway is often supplied, along with DNS
information.

DHCP lease

lease is the length of time the client can have the assigned IP address.

At various points during the lease (normally the 50 percent and 85 percent points), the client attempts to renew the lease from the server. If the server cannot perform a renewal, the lease expires at 100 percent, and the client stops using the address.

DHCP Scope

DHCP Reservation

In addition to having DHCP supply a random address from the scope, you can configure it to supply a specific address to a client. Such an arrangement is known as a reservation. Reservations are a means by which you can still use DHCP for a system but at the same time guarantee that it always has the same IP address. DHCP can also be configured for exclusions. In this scenario, certain IP addresses are not given out to client systems.

DHCP advantages

First, administrators do not need to manually configure each system. Second, human error such as the assignment of duplicate IP addresses is eliminated. Third, DHCP removes the need to reconfigure systems if they move from one subnet to another, or if you decide to make a wholesale change in the IP addressing structure.

DHCP disadvantages

DHCP traffic is broadcast-based and thus generates network
traffic—albeit a small amount. Finally, the DHCP server software must be installed and configured on a server, which can place additional processor load (again, minimal) on that system.

SNMP

Simple Network Management Protocol

Provides network devices with a method to monitor and control network devices; manage configurations, statistics
collection, performance, and security; and report network management information to a management console.

Both SNMPv1 and v2 are not secured.

SNMPv3 An enhanced SNMP service offering both encryption and authentication services.

MIB

SNMP Communities

SNMP communities are logical groupings of systems. When a system is configured as part of a community, it communicates only with other devices that have the same community name. In addition, it accepts Get, Get Next, or Set commands only from an SNMP manager with a community name it recognizes.